VMWare Security Blog

VMware vDefend directly conforms to NIST CSF, HIPAA, and PCI DSS requirements, providing organizations with the critical controls needed to satisfy regulatory mandates and mitigate modern threats. Regulatory compliance has become a strategic imperative across all industry sectors due to a growing global focus on data privacy, supply chain transparency, and operational resilience. This urgency … Continued

The post Validated Compliance: VMware vDefend Conforms with NIST CSF, HIPAA and PCI DSS appeared first on VMware Security Blog.

In the past, data center security mostly relied on perimeter protection—”building walls” to keep bad actors out. Today, safeguarding the data center’s “east-west” or lateral traffic traversing within applications and data is just as critical. Threat actors are leveraging “Frontier AI” security models to automate and accelerate attacks against private cloud workloads.  To help enterprises … Continued

The post Introducing VMware vDefend Lateral Security Design Blueprints for VCF 9.1 appeared first on VMware Security Blog.

We would like to bring your attention to a security bulletin from AMD: AMD-SN-2001: Ionic Driver Vulnerabilities. The bulletin details three vulnerabilities — CVE-2025-62623, CVE-2025-62624, and CVE-2025-62627 — present in the AMD ionic cloud driver for VMware ESX. These issues affect ESX hosts using AMD-Pensando DPU (Data Processing Unit) products. We strongly encourage you to … Continued

The post AMD Ionic Driver Vulnerabilities Affecting VMware ESX appeared first on VMware Security Blog.

Update, May 16, 2026 Pwn2Own 2026 has finished and we have witnessed one successful attempt on our products. On May 16, 2026, Nguyen Hoang Thach of STARLabs SG successfully demonstrated an exploit targeting VMware ESX. We are actively working on the remediation and we plan to publish a VMware Security Advisory to provide information on … Continued

The post VMware at Pwn2Own Berlin 2026 appeared first on VMware Security Blog.

New enhancements include Self-Service Lateral Security with VCF Automation, Unified Lateral Threat Prevention for VMs and VKS Workloads, High-Performance Threat Prevention with IDPS Turbo Mode, and Enhanced Distributed Firewall capabilities. The rapid adoption of production AI workloads is reshaping the enterprise technology landscape, driving the growth of Kubernetes environments alongside existing VM-based infrastructure. As organizations … Continued

The post VMware vDefend for VCF 9.1: Zero Trust Lateral Security for the AI Era appeared first on VMware Security Blog.

This article was originally published December 2025 in:     Hugely disruptive ransomware attacks can be thwarted by distributed lateral security embedded at the private cloud level, using macro- and micro-segmentation and integrated threat detection and prevention. Ransomware attacks in 2025 have caused business operations to close for weeks and months resulting in massive financial … Continued

The post Breaking the Ransomware Kill Chain: Why Distributed Lateral Security Is No Longer Optional appeared first on VMware Security Blog.

As the digital landscape enters the age of Artificial Intelligence, the traditional methods of securing applications are being fundamentally challenged. The emergence of advanced AI models has shifted the advantage towards attackers. With AI, even a novice attacker is now weaponized into a sophisticated hacker while operating semi-autonomously at very low cost, and unprecedented scale. … Continued

The post Virtual Patching: Guarding Against a Tsunami of AI-discovered Exploits with vDefend and Avi appeared first on VMware Security Blog.

In a cloud-native environment, Kubernetes-based containerized orchestration has brought developer agility – but it has also fundamentally changed the security paradigm. Traditional “castle-and-moat” security designs that rely on a perimeter firewall are no longer enough to protect modern workloads. Once an attacker breaches that outer shell, the flat network architecture common in many Kubernetes environments … Continued

The post VMware vDefend: Zero Trust Lateral Security for Kubernetes Workloads on VCF appeared first on VMware Security Blog.

In September 2025, the cybercriminal group Storm-1175 exploited a zero-day vulnerability in GoAnywhere Managed File Transfer to deploy Medusa ransomware across multiple organizations. The attack succeeded despite perimeter defenses because no signature existed to detect it, and by the time one did, attackers had already established persistence and were moving freely through victim networks. This … Continued

The post Why Perimeter Firewall is Not Enough: Lessons from the GoAnywhere MFT Zero-Day appeared first on VMware Security Blog.

The “Invisible Corridor” Security doesn’t break all at once; it erodes in the shadows. The alert didn’t appear to be a crisis because, to your perimeter, everything looked normal. An authorized user, a permitted port, and a standard protocol—on paper was a valid connection. In reality, it was the “keys to the kingdom” being handed … Continued

The post Advancing Zero Trust Private Cloud with vDefend Lateral Security appeared first on VMware Security Blog.

This article was originally published May 2025 in: AI can transform Zero Trust security implementation and management from a complex manual and multi-year task into an highly-automated, rapidly-deployable solution for modern enterprises. As enterprises increasingly move workloads to private cloud for reasons such as performance, compliance and to leverage AI on-premise, security leaders face a … Continued

The post Game changer: How AI simplifies implementation of Zero Trust security objectives appeared first on VMware Security Blog.

When deploying Zero Trust to quickly address security gaps and improve segmentation posture in a brownfield or greenfield environment, customers need a prescriptive, multi-stage segmentation workflow designed to progressively secure east-west traffic in the VMware Cloud Foundation (VCF) private cloud. vDefend delivers Distributed Firewall (DFW) 1-2-3-4* — an automated workflow that helps security administrators systematically … Continued

The post vDefend DFW 1-2-3-4: Deploy Zero Trust Microsegmentation in a Few Weeks to Rapidly Secure VCF Workloads appeared first on VMware Security Blog.

In today’s rapidly evolving threat landscape, effective security operations hinge on two critical pillars: automation and context aggregation. As organizations grapple with increasingly sophisticated attacks, the ability to seamlessly integrate diverse security solutions becomes paramount. This challenge is easily resolved through the successful integration of VMware vDefend Advanced Threat Prevention (ATP) with Security Information and … Continued

The post Stacking Your Defenses: Integrating Advanced Threat Prevention and SIEM appeared first on VMware Security Blog.

Announcing Microsegmentation Quick Start Wizard, NDR Sensor for datacenter-wide threat visibility, Fileless Malware Defense, and a tech preview of Lateral Security for Agentic AI In a world where cyber threats evolve by the nanosecond and AI/GenAI is reshaping every industry, security can feel like a game of endless catch-up. But what if you could not … Continued

The post Unleash Zero Trust: Secure Private Cloud and Agentic AI Workloads with VMware vDefend Innovations appeared first on VMware Security Blog.

VMware Explore 2025 is right around the corner! The agenda is bursting at the seams, and the catalog’s session scheduler is now available. Taking place in Las Vegas again this year from August 25 to 28, 2025, Explore 2025 will provide attendees with insights into cutting-edge technology purpose-built for private cloud environments. This year throws … Continued

The post VMware vDefend Sessions at Explore 2025 appeared first on VMware Security Blog.

Dubai Airports, responsible for managing both Dubai International (DXB) and Dubai World Central – Al Maktoum International (DWC), stands as a testament to the United Arab Emirates’ remarkable progress in establishing itself as a major international travel destination. DXB, a global aviation hub, retained its position as the world’s busiest international airport for the 11th … Continued

The post Dubai Airports Secures Critical Infrastructure with VMware vDefend appeared first on VMware Security Blog.

A home lab is an engineer’s paradise – offering a safe space to experiment, troubleshoot, and master new technologies at their own pace. VMware by Broadcom supports this method of hands-on learning, and now, with VMUG Advantage, membership benefits now include access to the VMware vDefend license. This new benefit allows Advantage members who pass … Continued

The post vDefend is now a part of VMUG Advantage appeared first on VMware Security Blog.

New enhancements include VPC-Aware Lateral Security, Self-Service Microsegmentation, Streamlined vDefend Migration to VCF, and Global Centralized IDS/IPS Policy Management for Accelerated Threat Response and Enforcement  The modern enterprise is rapidly adopting a private cloud strategy for its environments. A recent research study involving 1,800 senior leaders revealed that their organizations are prioritizing private cloud to … Continued

The post VMware vDefend Integrations with VMware Cloud Foundation 9.0: Accelerating Lateral Security for All VCF Applications appeared first on VMware Security Blog.

Security Segmentation Assessment is a new feature in Security Services Platform (SSP) 5.0 that enhances Security Intelligence by delivering a comprehensive, data-driven view of the organization’s current security posture. It not only highlights segmentation gaps but also provides actionable recommendations to harden your environment against modern threats. This capability is available with both VMware vDefend … Continued

The post Accelerating Micro-segmentation Adoption with Security Segmentation Assessment appeared first on VMware Security Blog.

Update July 15, 2025 Today, Broadcom has released the following new VMware security advisory: VMSA-2025-0013 – VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239) The advisory documents the remediation of the Critical, Important, and Moderate severity vulnerabilities demonstrated at the Pwn2Own 2025 hacking contest. Customers should review the security … Continued

The post VMware and Pwn2Own 2025 – Berlin appeared first on VMware Security Blog.